Monday, March 07, 2016

My last days at WhiteHat and setting sights on the future

I’ve said it many times; the Web is probably the greatest invention we’ll see in our lifetime. The Web touches the lives of everyone we know, every family member, every child, every friend, and everyone we meet. The Web connects over two billion people and fuels entire economies. It’s a place where we learn, communicate, and share our closest kept secrets. Something as important as the Web must be protected and I’ve always felt it was a privilege to do so. For the last 15 years, as founder of WhiteHat Security, I’ve done exactly that every single day. WhiteHat has not just changed my life, it has been my life — wholly inseparable. Bittersweet as it is, the end of March will be my last day.

Right now, I’d like to take a moment to reflect. While it’s impossible to measure, I sometimes think about how many hacks didn’t happen — how many people and companies were not hacked — as a result of the work we did at WhiteHat. People have often shared how much we’ve helped them and how important our work is. It’s an amazing feeling knowing that what you do matters. Everyone should be so fortunate. In that sense, WhiteHat is not just another company. It’s something more, much more. WhiteHat represents a mission, an ideal, a state of being. I’ve strived to embody these attributes since Day 1. I’ve always worked tirelessly to be the best at what I do and have had a personal passion for innovation.

WhiteHat was the first company to adopt a Software-as-a-Service model in Application Security. Though our statistics report that thousands rely upon, we were the first to bring measurable data to the industry. We pioneered the founding of two industry groups, OWASP and WASC. We led the creation of the first AppSec lexicon, the Threat Classification, and the language everyone uses when speaking AppSec. We’ve released much of the most cutting-edge and foundational security research to date, which has raised awareness globally. And we were the first vendor to offer a security guarantee. I’m sure sure I’m missing several other firsts, but already no other company has such a record of industry contribution and market success.

While I have a lot to be proud of, none of this would have been possible without a great many amazing people and lifelong friends. I’d like to personally thank the hundreds of WhiteHat employees, both past and present, for helping protect the Web and making WhiteHat the success that it is. They are what I’m most proud of and grateful for. Working with you all has been a singular honor. I would also like to send a very special thank you to the over 1,000 customers who believed in me, believed in WhiteHat, and entrusted us to protect them. Your trust and support always meant everything to me. Thank you to our partners all over the world who brought us to their customers and championed our cause. And thank you to the security community, the lifeblood of the entire industry, and who carry us all.

Of course many will be curious about what I’m going to do next. While I’m not yet ready to reveal those details, what I can share is that I remain genuinely excited about the future of the security industry. I’m not going anywhere. Every day I see new and interesting problems that I’d like an opportunity to solve and expand my horizons. More than anything, that’s why I’m leaving WhiteHat, but its spirit will always be with me and continue to influence my life. Any of us has the capacity to change the world, we just have to allow ourselves the chance to do so.

You are an inspiration to a lot of people in the industry man, and that certainly includes me. It was an honor to meet you once and I certainly hope to meet you again someday. When I do, im positive it'll be after some other high-impact thing you're doing. Good luck in whatever comes next Jeremiah.

I will not wish you luck because you have something far better skill, intelligence and drive. Luck is for people who make random shots in the dark and hope for a good outcome. You are more of a heat seeking missile of success.

So I like many others look forward to seeing what you next big success will be. No doubt in an area few are considering just as it was many years ago when you first focused on application security as a service.

You and Robert have always been a huge inspiration for me, even though I haven't been around the scene in years. Such is life that the first time in months or years that I go around to check the usual suspects, everyone is picking up and moving on! So many empty blogs!

All the best to you bud and hope to hear about your next ventures when you can talk about them. I'd say good luck, but you don't need it.

Wishing you all the best in your next adventure Jer. It was a sincere pleasure working with you for nearly six years. I am very proud to have worked with you and for WhiteHat Security. I always admired your humbleness and your genuine respect and dedication for your employees, your customers, and your industry peers Success can be measured in many ways - not just the company that you built, but more importantly by the person that you are.

It has been a pleasure learning from you with your WASC & OWASP contributions and working for you at WhiteHat Security in the early 2000's while watching this industry find, fix and pray *cough*/evolve. Watching you go to ground with BJJ submissions I am sure your next thing will be a game changer ALOHA

You have been a blessing to many and for that we will always be grateful. You are also a such awesome person that it was an honor to know you... Thank you very much for everything and please come by once in a while to say hi... we will always miss you..

@Shantanu That's really cool of you to say, thank you! SentinelOne is cool company, really trying to make a dent in the malware scene. It's a challenging and crowded space, but there's a problem that needs to be solved -- and it isn't yet.

About Me

Jeremiah Grossman's career spans nearly 20 years and has lived a literal lifetime in computer security to become one of the industry's biggest names. He has received a number of industry awards, been publicly thanked by Microsoft, Mozilla, Google, Facebook, and many others for his security research. Jeremiah has written hundreds of articles and white papers. As an industry veteran, he has been featured in hundreds of media outlets around the world. Jeremiah has been a guest speaker on six continents at hundreds of events including many top universities. All of this was after Jeremiah served as an information security officer at Yahoo!